Wednesday, May 23, 2012

I really wanted to buy this game, but I'm not going to reward a company with my business who puts obnoxious DRM into their software. The idea of a single player mode really interests me because sometimes I'm off the grid and I want to still use a laptop or netbook. Requiring me to be connected to the Internet for single player mode is something I'm not going to accept. I've been waiting for many years to play this game, but I'm not desperate - there's lots of fish in the sea.

Now ... someday when they take the DRM out ... maybe I'll change my mind.

Tuesday, May 22, 2012

Having a great time with Google Sites so far. The tools are very crude and frustrating to learn, but the payoff should be worth it. A free site that can take as many page hits as Google itself. Of course, there's a couple down sides I've found. So far no deal breakers to building my consulting site, though. I will never have controversial content on my consulting site, so there's no chafing against all those rules.

Google's Page Editor - Good Grief !

I am slowly learning to be very annoyed by the built-in page editor. It's very crude and restrictive. I was trying to layout my home page and as I worked with it, it seemed to get worse and worse.

So, I took the raw HTML and pasted it into MS Visual Studio 10.0. I was shocked at what HTML the page editor had created for me. So what I did was create that page from scratch in Visual Studio and then when I was satisfied with it, I copied and pasted it back into Google's page editor. The reverse also works. I can create a widget using Google's page editor and then easily manipulate that HTML using Visual Studio. But so far the idea is to keep the master copies of pages locally and let Google hold the copies.

Monday, May 21, 2012

Microsoft reported on Friday in an MSDN blog post that it is going to ditch Aero Glass for a more consistent feel across all platforms that Windows 8 is going to run under. So far just from looking at their screen shot, I miss Aero already. Some of the other Vista-era stuff could go away and I would be fine with it. But please mister, don't take away my Aero.

Saturday, May 5, 2012

Introduction

In my job as a consultant, I am usually in possession of my client's data, some of it sensitive. I do lots of work for insurance companies who generally keep large amounts of personal information about their customers (insureds). Some of these companies are even public companies, so there's all sorts of extra laws they have to abide by. And of course, because I work out of my home office, I sometimes need to work with some of that data in my office, and my office is connected to the Internet.

I've always said that the only problem with privacy on the Internet is that there is none.

Just about every single thing you do on the 'net decreases your privacy. If I were to draw a diagram, it would show your personal information flowing away from you towards the Internet. It wouldn't be a pretty picture.

Obviously there are lots of procedural things you can do to increase your privacy, but today I'm going to talk about the main tool that people can use to increase their privacy on the Internet. Encryption.

Disclaimer

Information is power. And any power can be abused. The same technology you can use to keep your sensitive, legitimate data safe and secret, can also be used to keep knowledge of bad things safe and secret. I'm a technologist, not a philosopher or attorney. The moral aspects of this technology are beyond my pay grade. Encryption is a powerful tool, so please use it responsibly.

Public Key Cryptography

The arts of concealing information date back to the dawn of man. As long as there have been secrets to keep, there have been ways of concealing them. There have been lots of methods throughout the years, but it is "public key encryption" that dominates the Internet landscape today. I know basically how it works, but I'm not a mathematician, so read this link for more information.

Securing Your Data

I'm rather fond of how I secure my data. My "work computers" are virtual machines (VMs). This gives me quite a few benefits, but one I'm interested in here is the separation between my home life and work life. When I "power off" my VMs at the end of the day, there's no client data on my computer - that data is all inside the VMs.

TrueCrypt

Now, the VMs all reside on drives encrypted with TrueCrypt, which is an open source application for creating encrypted drives. I put the entire volume under TrueCrypt. When your computer powers up, you have to type in passwords for all your encrypted drives. It's a big hassle, but that's the price of safety.

Once you type in the password, that drive is available to anyone who has access to your computer. The encryption keys reside in memory for as long as the computer is powered on. Once the machine is powered off then you need the passwords to reconnect the drives when the machine is booted.

As you can see, if the computer is stolen from you, they'd pretty much have to power it off to get it out of your office. Once they do that, the hard drives inside are literally bricks without the password. Your data is safe.

Obviously there are other ways for people to take your valuable data, but those are beyond the scope of this post. Encrypting your drives is the "low hanging fruit".

VPN

Your data is vulnerable not only at the point of storage (your hard drives) but also at the point where it enters/leaves your office, i.e. your Internet connection. Short for "Virtual Private Network", having a VPN gives you a secure (encrypted) connection between two networks. So, it allows you connect two networks without worrying about your data being intercepted between both endpoints. Though you do have risks at the endpoints themselves.

Support for VPNs is built into Windows and most routers. There's also lots of third party and even open source applications. Most people setup their VPN from router-to-router so that it's transparent. Some people like me use the "dialup" method where I press a button to connect to a secure network.

Encryption Backdoors?

It's widely rumored to be true and in some cases even proven. My problem with encryption back doors isn't that it lets governments spy on your personal information. That's back to morality/philosophy, which I have no interest in debating. No, my problem with potential back doors is that it's another possible exploit - something that makes it less secure.

Either way, I have an obligation to keep my client's data safe to the best of my ability, so to that end, I try to use open source encryption like TrueCrypt whenever possible. I even prefer to use the open source algorithms like Blowfish where possible too.

Though, it's not something I worry about much. And honestly, you can only do so much. You are always going to be vulnerable to someone with more talent / resources than you. But I can look my clients in the eyeballs and tell them that I am using good practices. I make a pretty good attempt to keep the data I use secure.

Encryption Cracking?

It's also widely rumored that *cough* certain agencies in certain governments now have the computing resources (and possible mathematical breakthroughs) to be able to "crack" modern public key encryption.

Modern encryption relies on the fact that it is very difficult for a computer to factor products of very large prime numbers. Since the very scruffy mathematical types figured out encryption, it's probably inevitable that those same people will someday figure out how to defeat it.

My strategy for dealing with this possibility is simply not to have a beef with a) large groups of mathematicians and/or b) people with lots of super-computers. Again, not something I worry about much.

Conclusion

My basic privacy strategy for securing my business data is to contain it in a virtual machine (VM), encrypt the container with TrueCrypt and encrypt the connection between my office(s), and my clients office(s) with a VPN. This is not the entirety of my strategy but the gist of it.

Friday, May 4, 2012

After a day of running the new RT-N16 router flashed to DD-WRT, it's pretty clear that the last router was responsible for just about all of the issues I was having.

It's great having the open source firmware. DD-WRT provides a ton of information about what's going on with your network. If you have as many devices on your network as I do, this information is invaluable.

Thursday, May 3, 2012

Out Of The Box

Today I received my shiny new Asus RT-N16 router from NewEgg. I was really excited finally get a replacement for the one I had, which was giving the whole family quite a bit of grief, in addition to the problems it was causing for work. So, I unboxed it and hooked it up.

First Impressions

It's a solid looking unit. It doesn't look or feel cheap at all. The packaging was good and everything was neatly laid out. I thought I read somewhere in one of the reviews that they hated the blue lights on it, but I think it looks fine. You only get one chance to make a first impression, and this router didn't disappoint.

The router connected right up to my computer and I looked around at the built in administration screens. It looked like they put a lot of work into the user interface but it looked a little flashy for me, and plus it was a little choppy. It seemed perfectly functional, but it was very "flickery". So, I decided to flash it with DD-WRT.

DD-WRT

Half the reason I bought this thing is because all the reviews were saying how nice it was with DD-WRT and TOMATO firmwares. It is wonderful that this router advertises the ability to use open source firmware, though it would've been even better if it came pre-installed.

Flashing the firmware of your router is not for the faint of heart. If you make a mistake then you could end up "bricking" the router, meaning that it is no longer a router, and its only value is as a big chunk of plastic. You want to do your homework and make sure you are flashing the right version for your model router.

I downloaded the "mega" install and tried step one in the Wiki, which was to use the browser to flash the firmware. This didn't work. I followed the instructions to put the router into "recovery mode" it kept telling me that the firmware update failed.

So, I downloaded the Asus utility for my router and tried that. It was still complaining that the device was not in "rescue mode." I'd unplug the router, hold the reset button down, and plug it back in. The router gives no indication that it's in recovery mode, so I was having a really hard time.

Two Buttons!

...until I read a forum post somewhere talking about getting the buttons confused. There are two buttons on the back! I never did put my reading glasses on and look how those buttons are labeled. Looking at my diagram above, I was pressing the red button while plugging in the router. It's the other button. Once I did that, the utility let me flash the firmware.

Success

Now everything seems to work fine. The last time I used DD-WRT was to bring an old Linksys router back to life. So, I took a 5 year old router and got 5 more years out of it until it was just too old and slow to run all the devices that are now on my network. Seems like everyone who comes over has a pocket full of devices.

Since I had to replace that router, I have had about half a dozen routers and I've hated them all. It looks like I am good now, though. Hopefully I will retire this router only when it's just too old, and not because I despise it. Time will tell...

Tuesday, May 1, 2012

Several months ago I was buying some large hard drives for our development team to store lots of virtual machines and backups. Virtual machines are great to use for software development. But the virtual hard drives of the virtual machines take up real world space on your real world hard drives.

It's great having a couple dozen virtual development machines at my disposal. I can run several of them at a time in whatever configuration I choose. They can even be connected together in an ad-hoc network. It's absolutely the best way for a power user to use lots of different computers without having the heat, noise and expense of real ones.

So, a few months ago when I was buying all these drives for the team, I wasn't sure if I would need one for myself. They are only getting cheaper, right? WRONG. Once day I went to order one for myself, and they had quadrupled in price overnight!

A couple years ago I was buying 2 TB drives for $59 and all of the sudden they jump to $400 because some company that makes drive parts fell into the ocean. There was no way I was going to pay that much, even with someone else's money.

Yesterday I finally gave in and ordered a 2 TB Western Digital Caviar Green for $119 on Newegg. It's about time!